Channels ▼
RSS

C/C++

Lockheed Martin to Promote Secure Coding Best Practices Certification


Lockheed Martin Promotes Secure Coding Best Practices with SANS Institute Partnership


Lockheed Martin is partnering with the SANS Institute to reduce cyber security vulnerabilities that may be introduced during software development. Through the Global Information Assurance Certification (GIAC) Secure Software Programmer (GSSP), Lockheed Martin developers will be given skills to enhance the security of the code they write.

Lockheed Martin developers will be offered assessments, skills development, and certification for secure coding through the SANS Institute. The GIAC GSSP examinations offered by SANS measure mastery of the essential competencies for secure programming developed by the Secure Programming Council, a consortium of individuals and organizations. The examinations, which use questions with code examples, are currently available for Java, C, and .NET developers, and are offered through SANS Institute.

Initially, the SANS/Lockheed Martin project will let Lockheed Martin assess the secure coding skills of 75 programmers, provide training to improve their skills, and certify its developers through a rigorous certification exam. Based on the results of the assessment and training, the program may be expanded to train a broader developer workforce.

"Lockheed Martin integrates all aspects of information assurance into every solution it delivers and continues to invest in proactive security measures," said Dr. Eric Cole, Senior Cyber Security Fellow at Lockheed Martin. "We are committed to improving secure software development practices and are certifying our employees who are working in the area of cyber security on customer programs," he continued.

Secure coding best practices can reduce risk to Federal agencies that depend on Internet-facing web applications to deliver service to the citizen. Carnegie Mellon University estimates that up to 90 percent of reported security incidents result from the exploitation of defects in software code or design.


Related Reading


More Insights






Currently we allow the following HTML tags in comments:

Single tags

These tags can be used alone and don't need an ending tag.

<br> Defines a single line break

<hr> Defines a horizontal line

Matching tags

These require an ending tag - e.g. <i>italic text</i>

<a> Defines an anchor

<b> Defines bold text

<big> Defines big text

<blockquote> Defines a long quotation

<caption> Defines a table caption

<cite> Defines a citation

<code> Defines computer code text

<em> Defines emphasized text

<fieldset> Defines a border around elements in a form

<h1> This is heading 1

<h2> This is heading 2

<h3> This is heading 3

<h4> This is heading 4

<h5> This is heading 5

<h6> This is heading 6

<i> Defines italic text

<p> Defines a paragraph

<pre> Defines preformatted text

<q> Defines a short quotation

<samp> Defines sample computer code text

<small> Defines small text

<span> Defines a section in a document

<s> Defines strikethrough text

<strike> Defines strikethrough text

<strong> Defines strong text

<sub> Defines subscripted text

<sup> Defines superscripted text

<u> Defines underlined text

Dr. Dobb's encourages readers to engage in spirited, healthy debate, including taking us to task. However, Dr. Dobb's moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing or spam. Dr. Dobb's further reserves the right to disable the profile of any commenter participating in said activities.

 
Disqus Tips To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.
 

Video